Talk:Sony Update Downloads
From Exploitee.rs
Jump to navigationJump to search
I worked on expanding the pad a bit. Here's the script I use.
#!/usr/bin/perl use strict; package abliss; my $start = shift; open HEX, "<./history/other/RfHid_v0156_2010091601_NL.hex" or die; open OUT, ">>pad.bin"; open IN, "<pad.bin"; my @files = ( "./history/NBL/batch_sync-vfat.sh", "./history/board_conf.sh", "./history/other/check_spectra1_20100929.sh", "./history/other/factory_reset_conditional_keepremote_20101012.sh", "./history/other/format_sda_20100514.sh"); my @fds; for (my $i = 0; $i <= $#files; $i++) { open (my $fd, $files[$i]) or die "can't open " . $files[$i]; push(@fds, $fd); } my @contents; my $hexbyte; my @hexchars = qw(0 1 2 3 4 5 6 7 8 9 A B C D E F :); push(@hexchars, "\r"); push(@hexchars, "\n"); my @output = (); our $xorbyte; while (read(HEX, $hexbyte, 1)) { for (my $i = 0; $i <= $#files; $i++) { my $char; if (read($fds[$i], $char, 1)) { $contents[$i] .= $char; if (length($contents[$i]) > 30) { $contents[$i] = substr($contents[$i], 1); } } } if ($start-- > 0) { my $char; read(IN, $char, 1); $xorbyte = ord($char); } else { for (my $j = 0; $j <= $#hexchars; $j++) { $xorbyte = ord($hexbyte) ^ ord($hexchars[$j]); my $choices = ""; my $ok = 1; for (my $i = 0; $i <= $#files; $i++) { my $neword = (ord(substr($contents[$i],length($contents[$i]) - 1)) ^ $xorbyte); if ($neword > 127 || ($neword < 32 && $neword != 9 && # tab $neword != 10 && # LF $neword != 13 # CR )) { $ok = 0; #printf "==== %2d ====\n%s\n", $j, xorlastbyte($contents[$i]); last; } } if ($ok) { printf "==== %2d ====\n%s\n", $j, join("\n--\n", map {xorlastbyte($_)} @contents); } } my $answer = <STDIN>; chomp $answer; if ($answer eq "q") { close OUT; die; } $xorbyte = ord($hexbyte) ^ ord($hexchars[$answer]); print OUT chr($xorbyte); } @contents = map {xorlastbyte($_)} @contents; } sub xorlastbyte { my $content = shift; if ($content) { my @chars = split(//, $content); $chars[-1] = chr(ord($chars[-1])^ $xorbyte); return join('', @chars); } }
Here's my pad, 134 chars:
00000000 38 cf 4f aa 7a 8a 2e 3e 2b 41 82 9a ad 31 e9 dc |8.O.z..>+A...1..| 00000010 ef 47 2f 0b 26 76 12 fe 5f 5b 58 e1 10 18 7d e6 |.G/.&v.._[X...}.| 00000020 ad 92 1b 91 8e 90 69 f7 8a 9b 68 d8 98 58 fa 95 |......i...h..X..| 00000030 63 81 d6 5f 04 7d 29 8b 09 cf b9 21 b8 d9 df dd |c.._.})....!....| 00000040 c4 7e 71 d9 3f 35 ea 7b 0d ec 7f d1 a3 76 64 88 |.~q.?5.{.....vd.| 00000050 a5 8e 27 49 60 c0 a0 bc 77 54 31 e3 d6 6a bf e5 |..'I`...wT1..j..| 00000060 1b 42 25 da a3 97 b8 e1 ba 54 13 5b 68 31 da ff |.B%......T.[h1..| 00000070 1c 5c 15 46 4e 32 f1 76 50 e0 4e f3 ab 9a 28 bb |.\.FN2.vP.N...(.| 00000080 b5 cf 2f 50 24 45 |../P$E|
I checked the checksums in the .hex file and they all validate so far.